<?php
/* -------------------------------------------------------------------------------------
* 	ID:						$Id: customers.php 463 2014-01-30 15:41:25Z phone.mueller@googlemail.com $
* 	Letzter Stand:			$Revision: 463 $
* 	zuletzt geaendert von:	$Author: siekiera $
* 	Datum:					$Date: 2014-01-30 15:41:25 +0000 (Thu, 30 Jan 2014) $
*
* 	SEO:mercari by Siekiera Media
* 	http://www.seo-mercari.de
*
* 	Copyright (c) since 2011 SEO:mercari
* --------------------------------------------------------------------------------------
* 	based on:
* 	(c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
* 	(c) 2002-2003 osCommerce - www.oscommerce.com
* 	(c) 2003     nextcommerce - www.nextcommerce.org
* 	(c) 2005     xt:Commerce - www.xt-commerce.com
*
* 	Released under the GNU General Public License
* ----------------------------------------------------------------------------------- */

require ('includes/application_top.php');
require_once (DIR_FS_INC.'inc.validate_vatid_status.php');
require_once (DIR_FS_INC.'inc.get_geo_zone_code.php');
require_once (DIR_FS_INC.'inc.encrypt_password.php');
require_once (DIR_FS_INC.'inc.js_lang.php');

$customers_statuses_array = get_customers_statuses();

if($_GET['special'] == 'remove_memo') {
	$mID = ($_GET['mID']);
	$db->db_query("DELETE FROM ".TABLE_CUSTOMERS_MEMO." WHERE memo_id = ".$mID);
	redirect(href_link(FILENAME_CUSTOMERS, 'cID='.(int) $_GET['cID'].'&action=edit&'.getMenuID('customers')));
}

if ($_GET['action'] == 'edit' || $_GET['action'] == 'update') {
	if ($_GET['cID'] == 1 && $_SESSION['customer_id'] == 1) {
	} else {
		if ($_GET['cID'] != 1) {} 
		else
			redirect(href_link(FILENAME_CUSTOMERS, getMenuID('customers')));
	}
}

if ($_GET['action']) {
	switch ($_GET['action']) {
		case 'new_order' :

			$customers1 = $db->db_query("SELECT * from ".TABLE_CUSTOMERS." WHERE customers_id = ".$_GET['cID']);

			$customers = $db->db_query("SELECT * from ".TABLE_ADDRESS_BOOK." WHERE customers_id = ".$_GET['cID']);

			$country = $db->db_query("SELECT countries_name from ".TABLE_COUNTRIES." WHERE countries_id = ".$customers->fields['entry_country_id']);

			$stat = $db->db_query("SELECT * from ".TABLE_CUSTOMERS_STATUS." WHERE customers_status_id = ".$customers1->fields['customers_status']);

			$sql_data_array = array ('customers_id' => ($customers->fields['customers_id']),
									'customers_cid' => ($customers1->fields['customers_cid']),
									'customers_vat_id' => ($customers1->fields['customers_vat_id']),
									'customers_status' => ($customers1->fields['customers_status']),
									'customers_status_name' => ($stat->fields['customers_status_name']),
									'customers_status_image' => ($stat->fields['customers_status_image']),
									'customers_status_discount' => ($stat->fields['customers_status_discount']),
									'customers_name' => ($customers->fields['entry_firstname'].' '.$customers->fields['entry_lastname']),
									'customers_firstname' => ($customers->fields['entry_firstname']),
									'customers_lastname' => ($customers->fields['entry_lastname']),
									'customers_company' => ($customers->fields['entry_company']),
									'customers_street_address' => ($customers->fields['entry_street_address']),
									'customers_suburb' => ($customers->fields['entry_suburb']),
									'customers_city' => ($customers->fields['entry_city']),
									'customers_postcode' => ($customers->fields['entry_postcode']),
									'customers_state' => ($customers->fields['entry_state']),
									'customers_country' => ($country->fields['countries_name']),
									'customers_telephone' => ($customers1->fields['customers_telephone']),
									'customers_email_address' => ($customers1->fields['customers_email_address']),
									'customers_address_format_id' => '5', 
									'delivery_name' => ($customers->fields['entry_firstname'].' '.$customers->fields['entry_lastname']),
									'delivery_firstname' => ($customers->fields['entry_firstname']),
									'delivery_lastname' => ($customers->fields['entry_lastname']),
									'delivery_company' => ($customers->fields['entry_company']),
									'delivery_street_address' => ($customers->fields['entry_street_address']),
									'delivery_suburb' => ($customers->fields['entry_suburb']),
									'delivery_city' => ($customers->fields['entry_city']),
									'delivery_postcode' => ($customers->fields['entry_postcode']),
									'delivery_state' => ($customers->fields['entry_state']),
									'delivery_country' => ($country->fields['countries_name']),
									'delivery_address_format_id' => '5',
									'billing_name' => ($customers->fields['entry_firstname'].' '.$customers->fields['entry_lastname']),
									'billing_firstname' => ($customers->fields['entry_firstname']),
									'billing_lastname' => ($customers->fields['entry_lastname']),
									'billing_company' => ($customers->fields['entry_company']),
									'billing_street_address' => ($customers->fields['entry_street_address']),
									'billing_suburb' => ($customers->fields['entry_suburb']),
									'billing_city' => ($customers->fields['entry_city']),
									'billing_postcode' => ($customers->fields['entry_postcode']),
									'billing_state' => ($customers->fields['entry_state']),
									'billing_country' => ($country->fields['countries_name']),
									'billing_address_format_id' => '5',
									'payment_method' => 'cod',
									'comments' => '',
									'last_modified' => 'NOW()',
									'date_purchased' => 'NOW()',
									'orders_status' => '1',
									'orders_date_finished' => '',
									'currency' => 'EUR',
									'currency_value' => '1.0000',
									'account_type' => '0',
									'payment_class' => 'cod',
									'shipping_method' => 'Pauschale Versandkosten',
									'shipping_class' => 'flat_flat',
									'customers_ip' => '',
									'language' => 'german');

			$insert_sql_data = array ('currency_value' => '1.0000');
			$sql_data_array = array_merge($sql_data_array, $insert_sql_data);
			$db->db_perform(TABLE_ORDERS, $sql_data_array);
			$orders_id = $db->db_insert_id();

			$sql_data_array = array ('orders_id' => $orders_id, 'title' => '<b>Gesamtsumme</b>:', 'text' => '0', 'value' => '0', 'class' => 'ot_total');

			$insert_sql_data = array ('sort_order' => MODULE_ORDER_TOTAL_TOTAL_SORT_ORDER);
			$sql_data_array = array_merge($sql_data_array, $insert_sql_data);
			$db->db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);

			$sql_data_array = array ('orders_id' => $orders_id, 'title' => '<b>Zwischensumme</b>:', 'text' => '0', 'value' => '0', 'class' => 'ot_subtotal');

			$insert_sql_data = array ('sort_order' => MODULE_ORDER_TOTAL_SUBTOTAL_SORT_ORDER);
			$sql_data_array = array_merge($sql_data_array, $insert_sql_data);
			$db->db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);

			redirect(href_link(FILENAME_ORDERS, 'oID='.$orders_id.'&action=edit&'.getMenuID('customers')));

			break;

		case 'statusconfirm' :
			$customers_id = $_GET['cID'];
			$customer_updated = false;
			$check_status = $db->db_query("SELECT customers_firstname, customers_lastname, customers_email_address , customers_status, member_flag from ".TABLE_CUSTOMERS." WHERE customers_id = ".$db->db_prepare($_GET['cID']));

			if ($check_status->fields['customers_status'] != $status) {
				$db->db_query("UPDATE ".TABLE_CUSTOMERS." SET customers_status = ".$_POST['status']." WHERE customers_id = ".$db->db_prepare($_GET['cID']));

				$customer_notified = '0';
				$db->db_query("INSERT INTO ".TABLE_CUSTOMERS_STATUS_HISTORY." (customers_id, new_value, old_value, date_added, customer_notified) VALUES (".$db->db_prepare($_GET['cID']).", ".($_POST['status']).", '".$check_status->fields['customers_status']."', NOW(), '".$customer_notified."')");
				$customer_updated = true;
			}
			if(isset($_POST['admin_group']) && !empty($_POST['admin_group']))
				$db->db_query("UPDATE ".TABLE_CUSTOMERS." SET admin_id = '".$_POST['admin_group']."' WHERE customers_id = ".$db->db_prepare($_GET['cID']));
			
			redirect(href_link(FILENAME_CUSTOMERS, '&'.getMenuID('customers').'&cID='.$_GET['cID'].(isset($_GET['page']) ? '&page='.$_GET['page'] : '')));
			break;

		case 'update' :
			$customers_id = ($_GET['cID']);
			$customers_cid = ($_POST['csID']);
			$customers_vat_id = ($_POST['customers_vat_id']);
			$customers_vat_id_status = ($_POST['customers_vat_id_status']);
			$customers_firstname = ($_POST['customers_firstname']);
			$customers_lastname = ($_POST['customers_lastname']);
			$customers_email_address = ($_POST['customers_email_address']);
			$customers_telephone = ($_POST['customers_telephone']);
			$customers_fax = ($_POST['customers_fax']);

			$customers_gender = ($_POST['customers_gender']);
			$customers_dob = $_POST['customers_dob'];

			$default_address_id = ($_POST['default_address_id']);
			$entry_street_address = ($_POST['entry_street_address']);
			$entry_suburb = ($_POST['entry_suburb']);
			$entry_postcode = ($_POST['entry_postcode']);
			$entry_city = ($_POST['entry_city']);
			$entry_country_id = ($_POST['entry_country_id']);

			$entry_company = ($_POST['entry_company']);
			$entry_state = ($_POST['entry_state']);
			$entry_zone_id = ($_POST['entry_zone_id']);

			$memo_title = ($_POST['memo_title']);
			$memo_text = ($_POST['memo_text']);

			$payment_unallowed = ($_POST['payment_unallowed']);
			$shipping_unallowed = ($_POST['shipping_unallowed']);
			$password = ($_POST['entry_password']);


			if ($memo_text != '' && $memo_title != '') {
				$sql_data_array = array('customers_id' => $_GET['cID'],
										'memo_date' => date("Y-m-d"),
										'memo_title' => $memo_title,
										'memo_text' => $memo_text,
										'poster_id' => $_SESSION['customer_id']);
				$db->db_perform(TABLE_CUSTOMERS_MEMO, $sql_data_array);
			}
			$error = false;

			if(strlen($customers_firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
				$error = true;
				$entry_firstname_error = true;
			} else
				$entry_firstname_error = false;

			if(strlen($customers_lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
				$error = true;
				$entry_lastname_error = true;
			} else
				$entry_lastname_error = false;

			if(ACCOUNT_DOB == 'true') {
				if (checkdate(substr(date_raw($customers_dob), 4, 2), substr(date_raw($customers_dob), 6, 2), substr(date_raw($customers_dob), 0, 4)))
					$entry_date_of_birth_error = false;
				else {
					$error = true;
					$entry_date_of_birth_error = true;
				}
			}

			if(get_geo_zone_code($entry_country_id) != '6') {
				require_once(DIR_FS_CATALOG.DIR_WS_CLASSES.'class.vat_validation.php');
				$vatID = new vat_validation($customers_vat_id, $customers_id, '', $entry_country_id);

				$customers_vat_id_status = $vatID->vat_info['vat_id_status'];
				$error = $vatID->vat_info['error'];

				if($error==1){
					$entry_vat_error = true;
					$error = true;
				}

			}

			if(strlen($customers_email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
				$error = true;
				$entry_email_address_error = true;
			} else
				$entry_email_address_error = false;

			if (!validate_email($customers_email_address)) {
				$error = true;
				$entry_email_address_check_error = true;
			}else
				$entry_email_address_check_error = false;

			if (strlen($entry_street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
				$error = true;
				$entry_street_address_error = true;
			} else
				$entry_street_address_error = false;

			if (strlen($entry_postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
				$error = true;
				$entry_post_code_error = true;
			} else {
				$entry_post_code_error = false;
			}

			if (strlen($entry_city) < ENTRY_CITY_MIN_LENGTH) {
				$error = true;
				$entry_city_error = true;
			} else
				$entry_city_error = false;

			if ($entry_country_id == false) {
				$error = true;
				$entry_country_error = true;
			} else
				$entry_country_error = false;

			if (ACCOUNT_STATE == 'true') {
				if ($entry_country_error == true)
					$entry_state_error = true;
				else {
					$zone_id = 0;
					$entry_state_error = false;
					$check_value = $db->db_query("SELECT COUNT(*) AS total FROM ".TABLE_ZONES." WHERE zone_country_id = ".($entry_country_id));

					$entry_state_has_zones = ($check_value->fields['total'] > 0);
					if($entry_state_has_zones == true) {
						$zone = $db->db_query("SELECT
													zone_id
												FROM
													".TABLE_ZONES."
												WHERE
													zone_country_id = ".($entry_country_id)."
												AND
													zone_name = ".($entry_state));
						if($zone->_numOfRows == 1)
							$entry_zone_id = $zone->fields['zone_id'];

						else {
							$zone = $db->db_query("SELECT
															zone_id
														FROM
															".TABLE_ZONES."
														WHERE
															zone_country_id = ".$entry_country."
														AND
															zone_code = ".$entry_state);

							if($zone->_numOfRows > 0)
								$zone_id = $zone->fields['zone_id'];

							else {
								$error = true;
								$entry_state_error = true;
							}
						}
					} else {
						if ($entry_state == false) {
							$error = true;
							$entry_state_error = true;
						}
					}
				}
			}

			if (strlen($customers_telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
				$error = true;
				$entry_telephone_error = true;
			} else
				$entry_telephone_error = false;

			$check_email = $db->db_query("SELECT
												customers_email_address
											FROM
												".TABLE_CUSTOMERS."
											WHERE
												customers_email_address = '".$customers_email_address."'
											AND
												customers_id <> ".$customers_id);

			if($check_email->_numOfRows) {
				$error = true;
				$entry_email_address_exists = true;
			} else
				$entry_email_address_exists = false;

			if($error == false) {
				$sql_data_array = array('customers_firstname' => $customers_firstname,
										'customers_cid' => $customers_cid,
										'customers_vat_id' => $customers_vat_id,
										'customers_vat_id_status' => $customers_vat_id_status,
										'customers_lastname' => $customers_lastname,
										'customers_email_address' => $customers_email_address,
										'customers_telephone' => $customers_telephone,
										'customers_fax' => $customers_fax,
										'payment_unallowed' => $payment_unallowed,
										'shipping_unallowed' => $shipping_unallowed,
										'customers_last_modified' => 'now()');

				if($password != "")
					$sql_data_array=array_merge($sql_data_array,array('customers_password' => encrypt_password($password)));

				if(ACCOUNT_GENDER == 'true')
					$sql_data_array['customers_gender'] = $customers_gender;

				if(ACCOUNT_DOB == 'true')
					$sql_data_array['customers_dob'] = date_raw($customers_dob);

				$db->db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = ".$customers_id);

				$db->db_query("UPDATE
									".TABLE_CUSTOMERS_INFO."
								SET
									customers_info_date_account_last_modified = now()
								WHERE
									customers_info_id = ".($customers_id));

				if($entry_zone_id > 0)
					$entry_state = '';

				$sql_data_array = array('entry_firstname' => $customers_firstname,
										'entry_lastname' => $customers_lastname,
										'entry_street_address' => $entry_street_address,
										'entry_postcode' => $entry_postcode,
										'entry_city' => $entry_city,
										'entry_country_id' => $entry_country_id,
										'address_last_modified' => 'now()');


				if(ACCOUNT_COMPANY == 'true')
					$sql_data_array['entry_company'] = $entry_company;

				if(ACCOUNT_SUBURB == 'true')
					$sql_data_array['entry_suburb'] = $entry_suburb;

				if(ACCOUNT_STATE == 'true') {
					if ($entry_zone_id > 0) {
						$sql_data_array['entry_zone_id'] = $entry_zone_id;
						$sql_data_array['entry_state'] = '';
					} else {
						$sql_data_array['entry_zone_id'] = '0';
						$sql_data_array['entry_state'] = $entry_state;
					}
				}

				$db->db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "customers_id = ".($customers_id)." and address_book_id = ".($default_address_id));
				redirect(href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'&'.getMenuID('customers').'&cID='.$customers_id));
			}
			elseif ($error == true) {
				$cInfo = new objectInfo($_POST);
				$processed = true;
			}

			break;
			
		case 'deleteconfirm' :
			$customers_id = ($_GET['cID']);

			if($_POST['delete_reviews'] == 'on') {
				$reviews = $db->db_query("SELECT reviews_id FROM ".TABLE_REVIEWS." WHERE customers_id = ".$customers_id);
				while(!$reviews->EOF) {
					$db->db_query("DELETE FROM ".TABLE_REVIEWS_DESCRIPTION." WHERE reviews_id = '".$reviews->fields['reviews_id']."'");
					$reviews->MoveNext();
				}
				$db->db_query("DELETE FROM ".TABLE_REVIEWS." WHERE customers_id = ".($customers_id));

			} else
				$db->db_query("UPDATE ".TABLE_REVIEWS." SET customers_id = null WHERE customers_id = ".($customers_id));

			$db->db_query("DELETE FROM ".TABLE_ADDRESS_BOOK." WHERE customers_id = ".($customers_id));
			$db->db_query("DELETE FROM ".TABLE_CUSTOMERS." WHERE customers_id = ".($customers_id));
			$db->db_query("DELETE FROM ".TABLE_CUSTOMERS_INFO." WHERE customers_info_id = ".($customers_id));
			$db->db_query("DELETE FROM ".TABLE_CUSTOMERS_BASKET." WHERE customers_id = ".($customers_id));
			$db->db_query("DELETE FROM ".TABLE_CUSTOMERS_BASKET_ATTRIBUTES." WHERE customers_id = ".($customers_id));
			$db->db_query("DELETE FROM ".TABLE_PRODUCTS_NOTIFICATIONS." WHERE customers_id = ".($customers_id));
			$db->db_query("DELETE FROM ".TABLE_WHOS_ONLINE." WHERE customer_id = ".($customers_id));
			$db->db_query("DELETE FROM ".TABLE_CUSTOMERS_STATUS_HISTORY." WHERE customers_id = ".($customers_id));
			$db->db_query("DELETE FROM ".TABLE_CUSTOMERS_IP." WHERE customers_id = ".($customers_id));
			$db->db_query("DELETE FROM ".TABLE_ADMIN_ACCESS." WHERE customers_id = ".($customers_id));

			redirect(href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'&'.getMenuID('customers')));
			break;

		default :
			$customers = $db->db_query("SELECT
											c.customers_id,
											c.customers_cid,
											c.customers_gender,
											c.customers_firstname,
											c.customers_lastname,
											c.customers_dob,
											c.customers_status,
											c.customers_email_address,
											a.entry_company,
											a.entry_street_address,
											a.entry_suburb,
											a.entry_postcode,
											a.entry_city,
											a.entry_state,
											a.entry_zone_id,
											a.entry_country_id,
											c.customers_telephone,
											c.customers_fax,
											c.customers_default_address_id,
											c.admin_id
										FROM
											".TABLE_CUSTOMERS." c
												LEFT JOIN ".TABLE_ADDRESS_BOOK." a ON c.customers_default_address_id = a.address_book_id
										WHERE
											a.customers_id = c.customers_id
										AND
											c.customers_id = '".$_GET['cID']."'");

			$cInfo = new objectInfo($customers->fields);
	}
}

require(DIR_WS_INCLUDES.'metatag.php');

if ($_GET['action'] == 'edit' || $_GET['action'] == 'update') {
?>
<script type="text/javascript">
<!--
function check_form() {
  var error = 0;
  var error_message = "<?php echo js_lang(JS_ERROR); ?>";

  var customers_firstname = document.customers.customers_firstname.value;
  var customers_lastname = document.customers.customers_lastname.value;
<?php if (ACCOUNT_COMPANY == 'true') echo 'var entry_company = document.customers.entry_company.value;'."\n"; ?>
<?php if (ACCOUNT_DOB == 'true') echo 'var customers_dob = document.customers.customers_dob.value;'."\n"; ?>
  var customers_email_address = document.customers.customers_email_address.value;
  var entry_street_address = document.customers.entry_street_address.value;
  var entry_postcode = document.customers.entry_postcode.value;
  var entry_city = document.customers.entry_city.value;
  var customers_telephone = document.customers.customers_telephone.value;

<?php if (ACCOUNT_GENDER == 'true') { ?>
  if (document.customers.customers_gender[0].checked || document.customers.customers_gender[1].checked) {
  } else {
    error_message = error_message + "<?php echo js_lang(JS_GENDER); ?>";
    error = 1;
  }
<?php } ?>

  if (customers_firstname == "" || customers_firstname.length < <?php echo ENTRY_FIRST_NAME_MIN_LENGTH; ?>) {
    error_message = error_message + "<?php echo js_lang(JS_FIRST_NAME); ?>";
    error = 1;
  }

  if (customers_lastname == "" || customers_lastname.length < <?php echo ENTRY_LAST_NAME_MIN_LENGTH; ?>) {
    error_message = error_message + "<?php echo js_lang(JS_LAST_NAME); ?>";
    error = 1;
  }

<?php if (ACCOUNT_DOB == 'true') { ?>
  if (customers_dob == "" || customers_dob.length < <?php echo ENTRY_DOB_MIN_LENGTH; ?>) {
    error_message = error_message + "<?php echo js_lang(JS_DOB); ?>";
    error = 1;
  }
<?php } ?>

  if (customers_email_address == "" || customers_email_address.length < <?php echo ENTRY_EMAIL_ADDRESS_MIN_LENGTH; ?>) {
    error_message = error_message + "<?php echo js_lang(JS_EMAIL_ADDRESS); ?>";
    error = 1;
  }

  if (entry_street_address == "" || entry_street_address.length < <?php echo ENTRY_STREET_ADDRESS_MIN_LENGTH; ?>) {
    error_message = error_message + "<?php echo js_lang(JS_ADDRESS); ?>";
    error = 1;
  }

  if (entry_postcode == "" || entry_postcode.length < <?php echo ENTRY_POSTCODE_MIN_LENGTH; ?>) {
    error_message = error_message + "<?php echo js_lang(JS_POST_CODE); ?>";
    error = 1;
  }

  if (entry_city == "" || entry_city.length < <?php echo ENTRY_CITY_MIN_LENGTH; ?>) {
    error_message = error_message + "<?php echo js_lang(JS_CITY); ?>";
    error = 1;
  }

<?php

	if (ACCOUNT_STATE == 'true') {
?>
  if (document.customers.elements['entry_state'].type != "hidden") {
    if (document.customers.entry_state.value == '' || document.customers.entry_state.value.length < <?php echo ENTRY_STATE_MIN_LENGTH; ?> ) {
       error_message = error_message + "<?php echo js_lang(JS_STATE); ?>";
       error = 1;
    }
  }
<?php

	}
?>

  if (document.customers.elements['entry_country_id'].type != "hidden") {
    if (document.customers.entry_country_id.value == 0) {
      error_message = error_message + "<?php echo js_lang(JS_COUNTRY); ?>";
      error = 1;
    }
  }

  if (customers_telephone == "" || customers_telephone.length < <?php echo ENTRY_TELEPHONE_MIN_LENGTH; ?>) {
    error_message = error_message + "<?php echo js_lang(JS_TELEPHONE); ?>";
    error = 1;
  }

  if (error == 1) {
    alert(unescape(error_message));
    return false;
  } else {
    return true;
  }
}
//-->
</script>
<?php } ?>
<script type="text/javascript">
<!--
jQuery(document).ready(function() {
	jQuery('.dataTableHeadingContent').hover(function() {
		jQuery(this).addClass('dataTableHeadingContent_hover');
	}, function() {
		jQuery(this).removeClass('dataTableHeadingContent_hover');
	});
});
//-->
</script>
</head>
<body>
<?php require(DIR_WS_INCLUDES.'header.php'); ?>
<div id="wrapper">
<table class="outerTable" cellspacing="0" cellpadding="0">
  <tr>
    <td class="columnLeft2" width="<?php echo BOX_WIDTH; ?>" valign="top">
		<?php require(DIR_WS_INCLUDES.'column_left.php'); ?>
	</td>
    <td class="boxCenter" valign="top">
		<table border="0" width="100%" cellspacing="0" cellpadding="2">
			<?php
			if($_GET['action'] == 'edit' || $_GET['action'] == 'update') {
				$customers = $db->db_query("SELECT
												c.payment_unallowed,
												c.shipping_unallowed,
												c.customers_gender,
												c.customers_vat_id,
												c.customers_status,
												c.member_flag,
												c.customers_firstname,
												c.customers_cid,
												c.customers_lastname,
												c.customers_dob,
												c.customers_email_address,
												a.entry_company,
												a.entry_street_address,
												a.entry_suburb,
												a.entry_postcode,
												a.entry_city,
												a.entry_state,
												a.entry_zone_id,
												a.entry_country_id,
												c.customers_telephone,
												c.customers_fax,
												c.customers_default_address_id
											FROM
												".TABLE_CUSTOMERS." c
												LEFT JOIN ".TABLE_ADDRESS_BOOK." a ON c.customers_default_address_id = a.address_book_id
											WHERE
												a.customers_id = c.customers_id
											AND
												c.customers_id = '".$_GET['cID']."'");

				$cInfo = new objectInfo($customers->fields);
				$newsletter_array = array (array ('id' => '1', 'text' => ENTRY_NEWSLETTER_YES), array ('id' => '0', 'text' => ENTRY_NEWSLETTER_NO));
			?>
		      <tr>
		        <td>
		        <table class="table_pageHeading" border="0" width="100%" cellspacing="0" cellpadding="0">
				  <tr>
				    <td class="pageHeading"><?php echo $cInfo->customers_lastname.' '.$cInfo->customers_firstname; ?></td>
				  </tr>
				</table>
		        <table class="table_pageHeading" border="0" width="100%" cellspacing="0" cellpadding="0">
		          <tr>
		            <td colspan="3" class="main"><?php echo HEADING_TITLE_STATUS  .': '.$customers_statuses_array[$customers->fields['customers_status']]['text'] ; ?></td>
		          </tr>
		        </table>
		        </td>
		      </tr>
		      <tr>
		        <td>&nbsp;</td>
		      </tr>
		      <tr><?php echo draw_form('customers', FILENAME_CUSTOMERS, get_all_get_params(array('action')).'action=update', 'post', 'onSubmit="return check_form();"').draw_hidden_field('default_address_id', $cInfo->customers_default_address_id); ?>
		        <td class="formAreaTitle"><?php echo CATEGORY_PERSONAL; ?></td>
		      </tr>
		      <tr>
		        <td class="formArea"><table border="0" cellspacing="2" cellpadding="2">
		<?php

			if (ACCOUNT_GENDER == 'true') {
		?>
		          <tr>
		            <td class="main"><?php echo ENTRY_GENDER; ?></td>
		            <td class="main"><?php

				if ($error == true) {
					if ($entry_gender_error == true) {
						echo draw_radio_field('customers_gender', 'm', false, $cInfo->customers_gender).'&nbsp;&nbsp;'.MALE.'&nbsp;&nbsp;'.draw_radio_field('customers_gender', 'f', false, $cInfo->customers_gender).'&nbsp;&nbsp;'.FEMALE.'&nbsp;'.ENTRY_GENDER_ERROR;
					} else {
						echo ($cInfo->customers_gender == 'm') ? MALE : FEMALE;
						echo draw_hidden_field('customers_gender');
					}
				} else {
					echo draw_radio_field('customers_gender', 'm', false, $cInfo->customers_gender).'&nbsp;&nbsp;'.MALE.'&nbsp;&nbsp;'.draw_radio_field('customers_gender', 'f', false, $cInfo->customers_gender).'&nbsp;&nbsp;'.FEMALE;
				}
		?></td>
		          </tr>
					<?php
						}
					?>
		          <tr>
		            <td class="main" bgcolor="#FFCC33"><?php echo ENTRY_CID; ?></td>
		            <td class="main" width="100%" bgcolor="#FFCC33"><?php

			echo draw_input_field('csID', $cInfo->customers_cid, 'maxlength="32"', false);
		?></td>
		          </tr>
		          <tr>
		            <td class="main"><?php echo ENTRY_FIRST_NAME; ?></td>
		            <td class="main"><?php

			if ($entry_firstname_error == true) {
				echo draw_input_field('customers_firstname', $cInfo->customers_firstname, 'maxlength="32"').'&nbsp;'.ENTRY_FIRST_NAME_ERROR;
			} else {
				echo draw_input_field('customers_firstname', $cInfo->customers_firstname, 'maxlength="32"', true);
			}
		?></td>
		          </tr>
		          <tr>
		            <td class="main"><?php echo ENTRY_LAST_NAME; ?></td>
		            <td class="main"><?php

			if ($error == true) {
				if ($entry_lastname_error == true) {
					echo draw_input_field('customers_lastname', $cInfo->customers_lastname, 'maxlength="32"').'&nbsp;'.ENTRY_LAST_NAME_ERROR;
				} else {
					echo $cInfo->customers_lastname.draw_hidden_field('customers_lastname');
				}
			} else {
				echo draw_input_field('customers_lastname', $cInfo->customers_lastname, 'maxlength="32"', true);
			}
		?></td>
		          </tr>
		<?php

			if (ACCOUNT_DOB == 'true') {
		?>
		          <tr>
		            <td class="main"><?php echo ENTRY_DATE_OF_BIRTH; ?></td>
		            <td class="main"><?php

				if ($error == true) {
					if ($entry_date_of_birth_error == true) {
						echo draw_input_field('customers_dob', date_short($cInfo->customers_dob), 'maxlength="10"').'&nbsp;'.ENTRY_DATE_OF_BIRTH_ERROR;
					} else {
						echo $cInfo->customers_dob.draw_hidden_field('customers_dob');
					}
				} else {
					echo draw_input_field('customers_dob', date_short($cInfo->customers_dob), 'maxlength="10"', true);
				}
		?></td>
		          </tr>
		<?php

			}
		?>
		          <tr>
		            <td class="main"><?php echo ENTRY_EMAIL_ADDRESS; ?></td>
		            <td class="main"><?php

			if ($error == true) {
				if ($entry_email_address_error == true) {
					echo draw_input_field('customers_email_address', $cInfo->customers_email_address, 'maxlength="96"').'&nbsp;'.ENTRY_EMAIL_ADDRESS_ERROR;
				}
				elseif ($entry_email_address_check_error == true) {
					echo draw_input_field('customers_email_address', $cInfo->customers_email_address, 'maxlength="96"').'&nbsp;'.ENTRY_EMAIL_ADDRESS_CHECK_ERROR;
				}
				elseif ($entry_email_address_exists == true) {
					echo draw_input_field('customers_email_address', $cInfo->customers_email_address, 'maxlength="96"').'&nbsp;'.ENTRY_EMAIL_ADDRESS_ERROR_EXISTS;
				} else {
					echo $customers_email_address.draw_hidden_field('customers_email_address');
				}
			} else {
				echo draw_input_field('customers_email_address', $cInfo->customers_email_address, 'maxlength="96"', true);
			}
		?></td>
		          </tr>
		        </table></td>
		      </tr>
		<?php

			if (ACCOUNT_COMPANY == 'true') {
		?>
		      <tr>
		        <td>&nbsp;</td>
		      </tr>
		      <tr>
		        <td class="formAreaTitle"><?php echo CATEGORY_COMPANY; ?></td>
		      </tr>
		      <tr>
		        <td class="formArea"><table border="0" cellspacing="2" cellpadding="2">
		          <tr>
		            <td class="main"><?php echo ENTRY_COMPANY; ?></td>
		            <td class="main"><?php

				if ($error == true) {
					if ($entry_company_error == true) {
						echo draw_input_field('entry_company', $cInfo->entry_company, 'maxlength="32"').'&nbsp;'.ENTRY_COMPANY_ERROR;
					} else {
						echo $cInfo->entry_company.draw_hidden_field('entry_company');
					}
				} else {
					echo draw_input_field('entry_company', $cInfo->entry_company, 'maxlength="32"');
				}
		?></td>
		          </tr>

		<?php if(ACCOUNT_COMPANY_VAT_CHECK == 'true'){ ?>
		          <tr>
		            <td class="main"><?php echo ENTRY_VAT_ID; ?></td>
		            <td class="main"><?php

				if ($error == true) {
					if ($entry_vat_error == true) {
						echo draw_input_field('customers_vat_id', $cInfo->customers_vat_id, 'maxlength="32"').'&nbsp;'.ENTRY_VAT_ID_ERROR;
					} else {
						echo $cInfo->customers_vat_id.draw_hidden_field('customers_vat_id');
					}
				} else {
					echo draw_input_field('customers_vat_id', $cInfo->customers_vat_id, 'maxlength="32"');
				}
		?></td>
		          </tr>
		<?php } ?>

		        </table></td>
		      </tr>
		<?php

			}
		?>
		      <tr>
		        <td>&nbsp;</td>
		      </tr>
		      <tr>
		        <td class="formAreaTitle"><?php echo CATEGORY_ADDRESS; ?></td>
		      </tr>
		      <tr>
		        <td class="formArea"><table border="0" cellspacing="2" cellpadding="2">
		          <tr>
		            <td class="main"><?php echo ENTRY_STREET_ADDRESS; ?></td>
		            <td class="main"><?php

			if ($error == true) {
				if ($entry_street_address_error == true) {
					echo draw_input_field('entry_street_address', $cInfo->entry_street_address, 'maxlength="64"').'&nbsp;'.ENTRY_STREET_ADDRESS_ERROR;
				} else {
					echo $cInfo->entry_street_address.draw_hidden_field('entry_street_address');
				}
			} else {
				echo draw_input_field('entry_street_address', $cInfo->entry_street_address, 'maxlength="64"', true);
			}
		?></td>
		          </tr>
		<?php

			if (ACCOUNT_SUBURB == 'true') {
		?>
		          <tr>
		            <td class="main"><?php echo ENTRY_SUBURB; ?></td>
		            <td class="main"><?php

				if ($error == true) {
					if ($entry_suburb_error == true) {
						echo draw_input_field('suburb', $cInfo->entry_suburb, 'maxlength="32"').'&nbsp;'.ENTRY_SUBURB_ERROR;
					} else {
						echo $cInfo->entry_suburb.draw_hidden_field('entry_suburb');
					}
				} else {
					echo draw_input_field('entry_suburb', $cInfo->entry_suburb, 'maxlength="32"');
				}
		?></td>
		          </tr>
		<?php

			}
		?>
		          <tr>
		            <td class="main"><?php echo ENTRY_POST_CODE; ?></td>
		            <td class="main"><?php

			if ($error == true) {
				if ($entry_post_code_error == true) {
					echo draw_input_field('entry_postcode', $cInfo->entry_postcode, 'maxlength="8"').'&nbsp;'.ENTRY_POST_CODE_ERROR;
				} else {
					echo $cInfo->entry_postcode.draw_hidden_field('entry_postcode');
				}
			} else {
				echo draw_input_field('entry_postcode', $cInfo->entry_postcode, 'maxlength="8"', true);
			}
		?></td>
		          </tr>
		          <tr>
		            <td class="main"><?php echo ENTRY_CITY; ?></td>
		            <td class="main"><?php

			if ($error == true) {
				if ($entry_city_error == true) {
					echo draw_input_field('entry_city', $cInfo->entry_city, 'maxlength="32"').'&nbsp;'.ENTRY_CITY_ERROR;
				} else {
					echo $cInfo->entry_city.draw_hidden_field('entry_city');
				}
			} else {
				echo draw_input_field('entry_city', $cInfo->entry_city, 'maxlength="32"', true);
			}
		?></td>
		          </tr>
		<?php

			if (ACCOUNT_STATE == 'true') {
		?>
		          <tr>
		            <td class="main"><?php echo ENTRY_STATE; ?></td>
		            <td class="main"><?php

				$entry_state = get_zone_name($cInfo->entry_country_id, $cInfo->entry_zone_id, $cInfo->entry_state);
				if ($error == true) {
					if ($entry_state_error == true) {
						if ($entry_state_has_zones == true) {
							$zones_array = array ();
							$zones = $db->db_query("SELECT zone_name from ".TABLE_ZONES." WHERE zone_country_id = '".($cInfo->entry_country_id)."' ORDER BY zone_name");
							while(!$zones->EOF) {
								$zones_array[] = array ('id' => $zones->fields['zone_name'], 'text' => $zones->fields['zone_name']);
								$zones->MoveNext();
							}
							echo draw_pull_down_menu('entry_state', $zones_array).'&nbsp;'.ENTRY_STATE_ERROR;
						} else {
							echo draw_input_field('entry_state', get_zone_name($cInfo->entry_country_id, $cInfo->entry_zone_id, $cInfo->entry_state)).'&nbsp;'.ENTRY_STATE_ERROR;
						}
					} else {
						echo $entry_state.draw_hidden_field('entry_zone_id').draw_hidden_field('entry_state');
					}
				} else {
					echo draw_input_field('entry_state', get_zone_name($cInfo->entry_country_id, $cInfo->entry_zone_id, $cInfo->entry_state));
				}
		?></td>
		         </tr>
		<?php

			}
		?>
		          <tr>
		            <td class="main"><?php echo ENTRY_COUNTRY; ?></td>
		            <td class="main"><?php

			if ($error == true) {
				if ($entry_country_error == true) {
					echo draw_pull_down_menu('entry_country_id', get_countries(), $cInfo->entry_country_id).'&nbsp;'.ENTRY_COUNTRY_ERROR;
				} else {
					echo get_country_name($cInfo->entry_country_id).draw_hidden_field('entry_country_id');
				}
			} else {
				echo draw_pull_down_menu('entry_country_id', get_countries(), $cInfo->entry_country_id);
			}
		?></td>
		          </tr>
		        </table></td>
		      </tr>
		      <tr>
		        <td>&nbsp;</td>
		      </tr>
		      <tr>
		        <td class="formAreaTitle"><?php echo CATEGORY_CONTACT; ?></td>
		      </tr>
		      <tr>
		        <td class="formArea"><table border="0" cellspacing="2" cellpadding="2">
		          <tr>
		            <td class="main"><?php echo ENTRY_TELEPHONE_NUMBER; ?></td>
		            <td class="main"><?php

			if ($error == true) {
				if ($entry_telephone_error == true) {
					echo draw_input_field('customers_telephone', $cInfo->customers_telephone, 'maxlength="32"').'&nbsp;'.ENTRY_TELEPHONE_NUMBER_ERROR;
				} else {
					echo $cInfo->customers_telephone.draw_hidden_field('customers_telephone');
				}
			} else {
				echo draw_input_field('customers_telephone', $cInfo->customers_telephone, 'maxlength="32"', true);
			}
		?></td>
		          </tr>
		          <tr>
		            <td class="main"><?php echo ENTRY_FAX_NUMBER; ?></td>
		            <td class="main"><?php

			if ($processed == true) {
				echo $cInfo->customers_fax.draw_hidden_field('customers_fax');
			} else {
				echo draw_input_field('customers_fax', $cInfo->customers_fax, 'maxlength="32"');
			}
		?></td>
		          </tr>
		        </table></td>
		      </tr>
		      <tr>
		        <td>&nbsp;</td>
		      </tr>
		      <tr>
		        <td class="formAreaTitle"><?php echo CATEGORY_OPTIONS; ?></td>
		      </tr>
		      <tr>
		        <td class="formArea"><table border="0" cellspacing="2" cellpadding="2">


		                  <tr>
		            <td class="main"><?php echo ENTRY_PAYMENT_UNALLOWED; ?></td>
		            <td class="main"><?php

			if ($processed == true) {
				echo $cInfo->payment_unallowed.draw_hidden_field('payment_unallowed');
			} else {
				echo draw_input_field('payment_unallowed', $cInfo->payment_unallowed, 'maxlength="255"');
			}
		?></td>
		          </tr>
		                    <tr>
		            <td class="main"><?php echo ENTRY_SHIPPING_UNALLOWED; ?></td>
		            <td class="main"><?php

			if ($processed == true) {
				echo $cInfo->shipping_unallowed.draw_hidden_field('shipping_unallowed');
			} else {
				echo draw_input_field('shipping_unallowed', $cInfo->shipping_unallowed, 'maxlength="255"');
			}
		?></td>
		         </tr>
		            <td class="main" bgcolor="#FFCC33"><?php echo ENTRY_NEW_PASSWORD; ?></td>
		            <td class="main" bgcolor="#FFCC33"><?php

		if ($error == true) {
			if ($entry_password_error == true) {
				echo draw_input_field('entry_password', $customers_password).'&nbsp;'.ENTRY_PASSWORD_ERROR;
			} else {
				echo draw_input_field('entry_password');
			}
		} else {
			echo draw_input_field('entry_password');
		}
		?></td>
		          </tr>
		          <tr>
		<?php include(DIR_WS_MODULES.FILENAME_CUSTOMER_MEMO); ?>
		          </tr>
		        </table></td>
		      </tr>
		      <tr>
		        <td>&nbsp;</td>
		      </tr>
		      <tr>
		        <td align="right" class="main"><button type="submit" class="button" onclick="this.blur();"><?php echo BUTTON_UPDATE; ?></button><?php echo ' <a class="button" onClick="this.blur();" href="'.href_link(FILENAME_CUSTOMERS, get_all_get_params(array('action'))) .'">'.BUTTON_CANCEL.'</a>'; ?></td>
		      </tr>
		<?php
		echo '</form>';
		} else {
		?>
      <tr>
        <td>
        	<table class="table_pageHeading" border="0" width="100%" cellspacing="0" cellpadding="0">
	   			<tr>
	     			<td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
				</tr>
			</table>
		<?php

			$select_data = array ();
			$select_data = array (array ('id' => '99', 'text' => TEXT_SELECT), array ('id' => '100', 'text' => TEXT_ALL_CUSTOMERS));
		?>
        <table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td align="right">
            <?php echo '<a class="button" onClick="this.blur();" href="'.href_link(FILENAME_CREATE_ACCOUNT).'">'.BUTTON_CREATE_ACCOUNT.'</a>'; ?>
            </td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td valign="top">
            <div class="ar">
            	<?php
            		echo draw_form('status', FILENAME_CUSTOMERS, '', 'get');
					echo HEADING_TITLE_STATUS.': '.draw_pull_down_menu('status',array_merge($select_data, $customers_statuses_array), '99', 'onChange="this.form.submit();"'). '</form>';
				?>
			</div>
            <table width="100%" class="dataTable" cellspacing="0" cellpadding="0">
              <tr class="dataTableHeadingRow">
                <td class="dataTableHeadingContent" width="40"><?php echo TABLE_HEADING_ACCOUNT_TYPE; ?></td>
								<td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS_CID.sorting(FILENAME_CUSTOMERS,'customers_cid'); ?></td>
                <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_LASTNAME.sorting(FILENAME_CUSTOMERS,'customers_lastname'); ?></td>
                <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_FIRSTNAME.sorting(FILENAME_CUSTOMERS,'customers_firstname'); ?></td>
                <td class="dataTableHeadingContent"><?php echo 'Firmenname'.sorting(FILENAME_CUSTOMERS,'entry_company'); ?></td>
                <td class="dataTableHeadingContent" align="left"><?php echo HEADING_TITLE_STATUS; ?></td>
                <?php if (ACCOUNT_COMPANY_VAT_CHECK == 'true') {?>
                <td class="dataTableHeadingContent" align="left"><?php echo HEADING_TITLE_VAT; ?></td>
                <?php } ?>
                <td class="dataTableHeadingContent" align="right"><?php echo '<nobr>erstellt am</nobr>'.sorting(FILENAME_CUSTOMERS,'date_account_created'); ?></td>
                <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?>&nbsp;</td>
              </tr>
					<?php

						$search = '';
						if (($_GET['search']) && (not_null($_GET['search']))) {
							$keywords = $_GET['search'];
							$search = "and (c.customers_lastname like '%".$keywords."%' or c.customers_firstname like '%".$keywords."%' or c.customers_email_address like '%".$keywords."%' or c.customers_cid like '%".$keywords."%')";
						}

						if ($_GET['status'] && $_GET['status'] != '100' || $_GET['status'] == '0') {
							$status = ($_GET['status']);
							//  echo $status;
							$search = "and c.customers_status = '".$status."'";
						}

							if ($_GET['sorting']) {
							switch ($_GET['sorting']) {
								case 'customers_cid' :
									$sort = 'order by c.customers_cid';
								break;

								case 'customers_cid-desc' :
									$sort = 'order by c.customers_cid DESC';
								break;

								case 'entry_company' :
									$sort = 'order by a.entry_company';
								break;

								case 'entry_company-desc' :
									$sort = 'order by a.entry_company DESC';
								break;

								case 'customers_firstname' :
									$sort = 'order by c.customers_firstname';
								break;

								case 'customers_firstname-desc' :
									$sort = 'order by c.customers_firstname DESC';
								break;

								case 'customers_lastname' :
									$sort = 'order by c.customers_lastname';
								break;

								case 'customers_lastname-desc' :
									$sort = 'order by c.customers_lastname DESC';
								break;

								case 'date_account_created' :
									$sort = 'order by ci.customers_info_date_account_created';
								break;

								case 'date_account_created-desc' :
									$sort = 'order by ci.customers_info_date_account_created DESC';
								break;

								default :
									$sort = 'order by c.customers_date_added DESC';
							}

						}

						$letter_sort = '';
						if ($_GET['sorting_letter']) {
							if ($_GET['sorting_letter'] != 'all')
								$letter_sort = " and c.customers_lastname LIKE '".$_GET['sorting_letter']."%' ";
							else
								$letter_sort = '';
						}

						$sql = "SELECT
									c.account_type,
									c.customers_id,
									c.customers_cid,
									c.customers_vat_id,
									c.customers_vat_id_status,
									a.entry_company,
									c.customers_lastname,
									c.customers_firstname,
									c.customers_email_address,
									a.entry_country_id,
									c.customers_status,
									c.member_flag,
									c.admin_id,
									ci.customers_info_date_account_created
								FROM
									".TABLE_CUSTOMERS." c ,
									".TABLE_ADDRESS_BOOK." a,
									".TABLE_CUSTOMERS_INFO." ci
								WHERE
									c.customers_id = a.customers_id
								AND
									c.customers_default_address_id = a.address_book_id
								AND
									ci.customers_info_id = c.customers_id
									".$search.$letter_sort."
								GROUP BY
									c.customers_id
									".$sort;

						$query = page_break_create($_POST['per_site'], $_GET['page'], $sql, 'customers.php');

						$customers = $query['query'];

						$rows=1;
						while(!$customers->EOF) {
							$info = $db->db_query("SELECT
														customers_info_date_account_created AS date_account_created,
														customers_info_date_account_last_modified AS date_account_last_modified,
														customers_info_date_of_last_logon AS date_last_logon,
														customers_info_number_of_logons AS number_of_logons
													FROM
														".TABLE_CUSTOMERS_INFO."
													WHERE
														customers_info_id = '".$customers->fields['customers_id']."'");

							if (((!$_GET['cID']) || (@ $_GET['cID'] == $customers->fields['customers_id'])) && (!$cInfo)) {
								$country = $db->db_query("SELECT countries_name from ".TABLE_COUNTRIES." WHERE countries_id = '".$customers->fields['entry_country_id']."'");

								$reviews = $db->db_query("SELECT COUNT(*) AS number_of_reviews from ".TABLE_REVIEWS." WHERE customers_id = '".$customers->fields['customers_id']."'");

								$customer_info = array_merge($country->fields, $info->fields, $reviews->fields);

								$cInfo_array = array_merge($customers->fields, $customer_info);
								$cInfo = new objectInfo($cInfo_array);
							}
							if ((is_object($cInfo)) && ($customers->fields['customers_id'] == $cInfo->customers_id)) {
								echo '<tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'pointer\'" onclick="document.location.href=\''.href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'cID='.$cInfo->customers_id.'&action=edit').'\'">'."\n";
							} else {
								if ($rows % 2 == 0)
						    		$f = 'dataTableRow';
						    	else
						    		$f = '';
								echo '<tr class="'. $f.'" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'pointer\'" onmouseout="this.className=\''. $f.'\'" onclick="document.location.href=\''.href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID')).'cID='.$customers->fields['customers_id']).'\'">'."\n";
							}

							if ($customers->fields['account_type'] == 1) {

								echo '<td class="dataTableContent">';
								echo TEXT_GUEST;

							} else {
								echo '<td class="dataTableContent">';
								echo TEXT_ACCOUNT;
							}
							echo '</td>';
					?>
					                <td class="dataTableContent" align="center"><?php echo ($customers->fields['customers_cid'] !='') ? $customers->fields['customers_cid'] : '-'; ?></td>
					                <td class="dataTableContent"><b><?php echo $customers->fields['customers_lastname']; ?></b></td>
					                <td class="dataTableContent"><?php echo $customers->fields['customers_firstname']; ?></td>
					                <td class="dataTableContent"><?php echo $customers->fields['entry_company']; ?></td>
					                <td class="dataTableContent" align="left"><?php echo $customers_statuses_array[$customers->fields['customers_status']]['text'].' ('.$customers->fields['customers_status'].')' ; ?></td>
					                <?php if (ACCOUNT_COMPANY_VAT_CHECK == 'true') {?>
					                <td class="dataTableContent" align="left">&nbsp;
					                <?php

							if($customers->fields['customers_vat_id']) {
								echo $customers->fields['customers_vat_id'].'<br /><span style="font-size:8pt"><nobr>('.validate_vatid_status($customers->fields['customers_id']).')</nobr></span>';
							}
					?>
                </td>
                <?php } ?>
                <td class="dataTableContent" align="right"><?php echo (date_short($info->fields['date_account_created']) !='') ? date_short($info->fields['date_account_created']) : '-'; ?></td>
                <td class="dataTableContent" align="right">
					<?php if ( (is_object($cInfo)) && ($customers->fields['customers_id'] == $cInfo->customers_id) ) {
						echo image(DIR_WS_IMAGES.'icon_arrow_right.gif', '');
					} else {
						echo '<a href="'.href_link(FILENAME_CUSTOMERS, get_all_get_params(array('cID')).'cID='.$customers->fields['customers_id']).'">'.image(DIR_WS_IMAGES.'icon_info.gif', IMAGE_ICON_INFO).'</a>'; } ?>&nbsp;</td>
			</tr>
		<?php
			$rows++;
				$customers->MoveNext();
			}
		?>
            </table>
            </td>
<?php

	$heading = array ();
	$contents = array ();
	switch ($_GET['action']) {
		case 'confirm' :
			$heading[] = array ('text' => '<b>'.TEXT_INFO_HEADING_DELETE_CUSTOMER.'</b>');

			$contents = array ('form' => draw_form('customers', FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'cID='.$cInfo->customers_id.'&action=deleteconfirm'));
			$contents[] = array ('text' => TEXT_DELETE_INTRO.'<br /><br /><b>'.$cInfo->customers_firstname.' '.$cInfo->customers_lastname.'</b>');
			if ($cInfo->number_of_reviews > 0)
				$contents[] = array ('text' => '<br />'.draw_checkbox_field('delete_reviews', 'on', true).' '.sprintf(TEXT_DELETE_REVIEWS, $cInfo->number_of_reviews));
			$contents[] = array ('align' => 'center', 'text' => '<br /><input type="submit" class="button" value="'.BUTTON_DELETE.'"><a class="button" href="'.href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'cID='.$cInfo->customers_id).'">'.BUTTON_CANCEL.'</a>');
			break;

		case 'editstatus' :
			if ($_GET['cID'] != 1) {
				$customers_history = $db->db_query("SELECT new_value, old_value, date_added, customer_notified FROM ".TABLE_CUSTOMERS_STATUS_HISTORY." WHERE customers_id = ".($_GET['cID'])." ORDER BY customers_status_history_id desc");
				$heading[] = array ('text' => '<b>'.TEXT_INFO_HEADING_STATUS_CUSTOMER.'</b>');
				$contents = array ('form' => draw_form('customers', FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'cID='.$cInfo->customers_id.'&action=statusconfirm'));
				$contents[] = array ('text' => '<br />'.draw_pull_down_menu('status', $customers_statuses_array, $cInfo->customers_status));
				$contents[] = array ('text' => '<table nowrap border="0" cellspacing="0" cellpadding="0"><tr><td style="border-bottom: 1px solid; border-color: #000000;" nowrap class="smallText" align="center"><b>'.TABLE_HEADING_NEW_VALUE.' </b></td><td style="border-bottom: 1px solid; border-color: #000000;" nowrap class="smallText" align="center"><b>'.TABLE_HEADING_DATE_ADDED.'</b></td></tr>');

				if($customers_history->_numOfRows) {
					while(!$customers_history->EOF) {

						$contents[] = array ('text' => '<tr>'."\n".'<td class="smallText">'.$customers_statuses_array[$customers_history->fields['new_value']]['text'].'</td>'."\n".'<td class="smallText" align="center">'.datetime_short($customers_history->fields['date_added']).'</td>'."\n".'<td class="smallText" align="center">');

						$contents[] = array ('text' => '</tr>'."\n");
						$customers_history->MoveNext();
					}
				} else
					$contents[] = array ('text' => '<tr>'."\n".' <td class="smallText" colspan="2">'.TEXT_NO_CUSTOMER_HISTORY.'</td>'."\n".' </tr>'."\n");
				
				$contents[] = array('text' => '</table>');
				$contents[] = array('text' => '<hr />');
				$contents[] = array('text' => '<b>welche Rolle?</b>');
				$admin_groups[] = array('id' => '', 'text' => 'bitte wählen'); 
				$get_admin_groups = $db->db_query("SELECT agID, group_name  FROM ".TABLE_ADMIN_ACCESS_GROUPS." ORDER BY group_id ");
				while(!$get_admin_groups->EOF) {
					$admin_groups[] = array('id' => str_replace('g_', '', $get_admin_groups->fields['agID']), 'text' => $get_admin_groups->fields['group_name']); 
					$get_admin_groups->MoveNext();
				}
				$contents[] = array('text' => draw_pull_down_menu('admin_group', $admin_groups, $cInfo->admin_id).'<br />');
				
				$contents[] = array('align' => 'center', 'text' => '<input type="submit" class="button" value="'.BUTTON_UPDATE.'"><a class="button" href="'.href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'cID='.$cInfo->customers_id).'">'.BUTTON_CANCEL.'</a>');
				$status = $_POST['status'];
			}
			break;

		default :
			$customer_status = get_customer_status($_GET['cID']);
			$cs_id = $customer_status['customers_status'];
			$cs_member_flag = $customer_status['member_flag'];
			$cs_name = $customer_status['customers_status_name'];
			$cs_image = $customer_status['customers_status_image'];
			$cs_discount = $customer_status['customers_status_discount'];
			$cs_ot_discount_flag = $customer_status['customers_status_ot_discount_flag'];
			$cs_ot_discount = $customer_status['customers_status_ot_discount'];
			$cs_staffelpreise = $customer_status['customers_status_staffelpreise'];
			$cs_payment_unallowed = $customer_status['customers_status_payment_unallowed'];


			if (is_object($cInfo)) {
				$heading[] = array ('text' => '<b>'.$cInfo->customers_firstname.' '.$cInfo->customers_lastname.'</b>');
				if ($cInfo->customers_id != 1) {
					$contents[] = array ('align' => 'center', 'text' => '<a class="button" onClick="this.blur();" href="'.href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'cID='.$cInfo->customers_id.'&action=edit').'">'.BUTTON_EDIT.'</a>');
				}
				if ($cInfo->customers_id == 1 && $_SESSION['customer_id'] == 1) {
					$contents[] = array ('align' => 'center', 'text' => '<a class="button" onClick="this.blur();" href="'.href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'cID='.$cInfo->customers_id.'&action=edit').'">'.BUTTON_EDIT.'</a>');
				}
				if ($cInfo->customers_id != 1) {
					$contents[] = array ('align' => 'center', 'text' => '<a class="button" onClick="this.blur();" href="'.href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'cID='.$cInfo->customers_id.'&action=confirm').'">'.BUTTON_DELETE.'</a>');
					
					$contents[] = array ('align' => 'center', 'text' => '<a class="button" onClick="this.blur();" href="'.href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'cID='.$cInfo->customers_id.'&action=editstatus').'">'.BUTTON_STATUS.'</a>');
				}

				$contents[] = array ('align' => 'center', 'text' => '<a class="button" onClick="this.blur();" href="'.href_link(FILENAME_ORDERS, 'cID='.$cInfo->customers_id).'">'.BUTTON_ORDERS.'</a> <a class="button" onClick="this.blur();" href="'.href_link(FILENAME_MAIL, 'selected_box=tools&customer='.$cInfo->customers_email_address).'">'.BUTTON_EMAIL.'</a>');
				$contents[] = array ('align' => 'center', 'text' =>	'<a class="button" onClick="this.blur();" href="'.href_link(FILENAME_CUSTOMERS, get_all_get_params(array ('cID', 'action')).'cID='.$cInfo->customers_id.'&action=new_order').'" onClick="return confirm(\''.NEW_ORDER.'\')">'.BUTTON_NEW_ORDER.'</a>');

				$contents[] = array ('text' => '<br />'.TEXT_DATE_ACCOUNT_CREATED.' '.date_short($cInfo->date_account_created));
				$contents[] = array ('text' => '<br />'.TEXT_DATE_ACCOUNT_LAST_MODIFIED.' '.date_short($cInfo->date_account_last_modified));
				$contents[] = array ('text' => '<br />'.TEXT_INFO_DATE_LAST_LOGON.' '.date_short($cInfo->date_last_logon));
				$contents[] = array ('text' => '<br />'.TEXT_INFO_NUMBER_OF_LOGONS.' '.$cInfo->number_of_logons);
				$contents[] = array ('text' => '<br />'.TEXT_INFO_COUNTRY.' '.$cInfo->countries_name);
				$contents[] = array ('text' => '<br />'.TEXT_INFO_NUMBER_OF_REVIEWS.' '.$cInfo->number_of_reviews);
			}

			if ($_GET['action'] == 'iplog') {
				if (isset ($_GET['cID'])) {
					$contents[] = array ('text' => '<br /><b>IPLOG :');
					$customers_id = ($_GET['cID']);
					$customers_log_info = get_user_info($customers_id);
					if($customers_log_info->_numOfRows) {
						while(!$customers_log_info->EOF) {
							$contents[] = array ('text' => '<tr>'."\n".'<td class="smallText">'.$customers_log_info->fields['customers_ip_date'].' '.$customers_log_info->fields['customers_ip'].' '.$customers_log_info->fields['customers_advertiser']);
							$customers_log_info->MoveNext();
						}
					}
				}
				break;
			}
			}

			if ((not_null($heading)) && (not_null($contents))) {
				echo '<td width="250" class="border" valign="top">'."\n";
				$box = new box;
				echo $box->infoBox($heading, $contents);
				echo '</td>'."\n";
			}

			$customer_page_dropdown = '<form name="anzahl" action="'.$_SERVER['REQUEST_URI'].'" method="GET">'. "\n";

			if($_GET['oID'] != '')
				$customer_page_dropdown .= draw_hidden_field('oID', $_GET['oID']);
			if($_GET['page'] != '')
				$customer_page_dropdown .= draw_hidden_field('page', $_GET['page'])."\n";

			$customers_options = array();

			$customers_options[] = Array('id' => '10', 'text' => '10');
			$customers_options[] = Array('id' => '20', 'text' => '20');
			$customers_options[] = Array('id' => '50', 'text' => '50');
			$customers_options[] = Array('id' => '100', 'text' => '100');

			$customer_page_dropdown .= draw_pull_down_menu('anzahl', $customers_options, ($_GET['anzahl'] != '' ? $_GET['anzahl'] : '20'), 'onchange="this.form.submit()"')."\n";

			$customer_page_dropdown .= '</form>'."\n";

		?>
			</tr>
			<tr>
				<td><br />
					<table border="0" width="100%" cellspacing="0" cellpadding="2">
						<tr class="page_break">
							<td class="smallText" valign="top" width="33.33%">
								<?php echo 'Angezeigt werden '.$query['from'].' bis '.$query['to'].' (von insgesamt '.$query['total'].' Kunden)'; ?>
							</td>
							<td class="smallText" align="right" width="33.33%"></td>
							<td align="right" width="33.33%">
								<?php
									echo 'Kunden pro Seite: '.$query['page_break']->perSiteDropdown($_GET['page']);
								?>
							</td>
						</tr>
						<tr><td align="center" colspan="3"><?php echo '<br />'.$query['links']; ?></td></tr>
						<?php if (not_null($_GET['search'])) { ?>
						<tr>
							<td align="right" colspan="2"><?php echo '<a class="button" onClick="this.blur();" href="'.href_link(FILENAME_CUSTOMERS).'">'.BUTTON_RESET.'</a>'; ?></td>
						</tr>
						<?php } ?>
					</table>
				</td>
          </tr>
        </table></td>
      </tr>
	<?php } ?>
    </table></td>
  </tr>
</table>
</div>
<?php require(DIR_WS_INCLUDES.'footer.php'); ?>
</body>
</html>
<?php require(DIR_WS_INCLUDES.'application_bottom.php'); ?>